Post navigation

DHS Secretary Offers No Timeline on Cybersecurity Executive Order

April 18, 2017–Homeland Security Secretary John Kelly today suggested he did not know when the Trump administration might issue a long-promised executive order to guide the federal government on the next steps it should take on cybersecurity.

“We’re standing by with bated breath,” Mr. Kelly said when asked about the executive order, which the White House had been scheduled to issue in February. Shortly after the EO’s release was postponed, Mr. Kelly told the House Homeland Security Committee that the initial draft of the order was badly flawed (TR Daily, Feb. 7). Mr. Kelly’s speech today at George Washington University was one of his first major public appearances, and while he spoke at length on the Department of Homeland Security’s anti-terrorism and immigration enforcement missions, he offered few detailed policy pronouncements about cyber.

His prepared remarks, as released by DHS, included a longer section on cybersecurity that Mr. Kelly omitted from his actual speech. “We’re working with our nation’s most critical businesses to build in resilience to our digital and physical infrastructure. This helps ensure criminals and other bad actors — including Mother Nature — can’t disrupt the systems and networks that drive our American way of life,” the prepared remarks say.

In his actual speech, Mr. Kelly stressed the importance of public-private partnerships to secure cyberspace — a fairly conventional idea even during the Obama administration. He defended the decision of his predecessor at DHS, Jeh Johnson, to designate the nation’s election systems as “critical infrastructure.”

“That’s controversial. I’ve tried to explain to people why he did it and what it really does mean,” he said. Rather than “we’re from the government, and we’re here to help,” he said, DHS hopes to make it clear that, on cybersecurity, “we’re from the government, and we’re here to partner.” —Tom Leithauser, tom.leithauser@wolterskluwer.com